$ rpki-client -vvf rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.mft File: Q2XRedW3PoqX7eBQXynvAMLWPvk.mft (raw, json) Hash identifier: KHDWspJblRtlhCbq9O3F9R5MxH98mMo7pfN3Kv+0EcQ= Subject key identifier: 34:36:CE:AD:14:41:7B:1F:C8:24:AF:F7:73:20:34:D5:25:62:01:3D Authority key identifier: 43:65:D1:79:D5:B7:3E:8A:97:ED:E0:50:5F:29:EF:00:C2:D6:3E:F9 Certificate issuer: /CN=A9139555/serialNumber=4365D179D5B73E8A97EDE0505F29EF00C2D63EF9 Certificate serial: 02D1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2XRedW3PoqX7eBQXynvAMLWPvk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.mft Manifest number: 02C8 Signing time: Sat 23 Aug 2025 01:40:20 +0000 Manifest this update: Sat 23 Aug 2025 01:40:20 +0000 Manifest next update: Sat 30 Aug 2025 01:40:20 +0000 Files and hashes: 1: Q2XRedW3PoqX7eBQXynvAMLWPvk.crl (hash: hmxUe18gzDvzAqLbMCUr/SkZJfaJZPX2h4mxH4t+76A=) 2: E9A9531644D611F0ABB89277C4F9AE02.roa (hash: GeKHBnqKWQ5odcVSCSiPOuNHSoS5ENhlNwIJeq+zQ50=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.crl rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2XRedW3PoqX7eBQXynvAMLWPvk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 01:40:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 721 (0x2d1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9139555, serialNumber=4365D179D5B73E8A97EDE0505F29EF00C2D63EF9 Validity Not Before: Aug 23 01:40:20 2025 GMT Not After : Aug 30 01:40:20 2025 GMT Subject: CN=68a91c04-5c7a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:da:9b:19:25:ea:b7:47:d5:18:3d:b0:a1:5c: 1f:b4:2e:40:22:18:4c:b3:1d:31:66:da:b6:1e:93: 6e:97:79:55:8e:bf:5e:23:ec:b3:83:8d:96:ef:f6: 23:6c:db:3c:a0:ef:fe:d6:84:7a:82:f7:bd:98:2f: 03:e5:dc:e1:fe:0a:ba:77:13:0d:36:36:f7:ba:1b: d9:3c:04:a4:21:48:50:50:66:96:34:71:65:af:1a: 8b:51:fc:60:e5:a7:ef:05:be:81:df:b6:ae:0a:94: 36:6d:11:87:e4:19:f9:f2:71:4c:90:c3:10:f1:9c: 29:44:56:89:3a:84:8f:2b:d3:15:0b:66:aa:45:fb: 38:b1:eb:00:d3:b6:b5:c3:e6:96:93:89:09:40:85: d1:a0:df:f5:20:4f:59:7b:48:e9:8d:7e:b4:ad:25: 6f:68:ae:fa:d1:30:64:20:18:3b:84:78:ee:0f:6a: f8:bf:f3:3d:d4:1d:34:9d:1b:e7:5e:12:8e:03:9a: 13:01:e1:f1:50:03:34:e7:e8:da:66:bb:8e:e0:d2: 9f:0d:e0:9d:ed:a6:5c:84:62:70:8e:d1:15:b2:6e: be:b1:cd:4c:73:fe:b2:99:d4:30:86:fe:ff:27:df: fd:71:8e:5c:e8:6e:c4:ee:b1:3b:a9:02:68:50:9c: 24:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:36:CE:AD:14:41:7B:1F:C8:24:AF:F7:73:20:34:D5:25:62:01:3D X509v3 Authority Key Identifier: keyid:43:65:D1:79:D5:B7:3E:8A:97:ED:E0:50:5F:29:EF:00:C2:D6:3E:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2XRedW3PoqX7eBQXynvAMLWPvk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8b:1d:3a:f8:18:0a:39:ab:e4:9d:e0:43:2b:17:f6:a9:8c:66: a4:1c:7f:b2:6d:58:dd:cf:45:d8:fd:1a:3e:86:8a:cd:22:b4: 83:86:39:60:e6:b9:1f:2b:7a:86:cd:58:dd:3f:59:22:9b:e7: a4:1a:3d:64:43:19:b8:d5:7e:c3:b5:40:9a:3a:36:ac:ae:2f: f7:87:23:70:75:e3:85:9d:04:d9:c5:c4:ab:4b:44:fc:1b:8d: 95:87:b6:01:ff:2e:f0:49:8d:11:14:f2:75:8c:af:be:3c:ce: c0:44:3b:ea:25:c4:b1:a6:2b:34:9e:a9:f0:88:a7:38:1a:17: 3e:d6:e7:12:bd:0b:2e:cc:34:cc:75:e7:66:26:38:fd:f0:35: 0d:27:a4:1e:96:3f:11:ae:bc:5b:25:e3:63:dc:be:a7:3b:3b: 60:01:fb:8f:bf:c9:75:7e:8b:0d:18:e4:04:bf:78:64:b5:b4: 1a:a2:cf:2b:e5:e0:d2:9b:a0:87:82:7b:61:6f:a0:c4:c8:16: c2:70:4e:8d:78:0f:cf:06:c6:8c:3f:20:43:75:0c:52:d9:c5: 48:03:7a:0c:c4:30:c6:32:af:61:7d:76:bb:2e:50:d5:42:ce: e6:71:e9:7e:db:70:06:8f:41:34:93:6d:17:09:8e:eb:85:b6: ce:06:d3:22 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAtEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mzk1NTUxMTAvBgNVBAUTKDQzNjVEMTc5RDVCNzNFOEE5N0VERTA1MDVGMjlFRjAw QzJENjNFRjkwHhcNMjUwODIzMDE0MDIwWhcNMjUwODMwMDE0MDIwWjAYMRYwFAYD VQQDEw02OGE5MWMwNC01YzdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoNqbGSXqt0fVGD2woVwftC5AIhhMsx0xZtq2HpNul3lVjr9eI+yzg42W7/Yj bNs8oO/+1oR6gve9mC8D5dzh/gq6dxMNNjb3uhvZPASkIUhQUGaWNHFlrxqLUfxg 5afvBb6B37auCpQ2bRGH5Bn58nFMkMMQ8ZwpRFaJOoSPK9MVC2aqRfs4sesA07a1 w+aWk4kJQIXRoN/1IE9Ze0jpjX60rSVvaK760TBkIBg7hHjuD2r4v/M91B00nRvn XhKOA5oTAeHxUAM05+jaZruO4NKfDeCd7aZchGJwjtEVsm6+sc1Mc/6ymdQwhv7/ J9/9cY5c6G7E7rE7qQJoUJwkzwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDQ2zq0U QXsfyCSv93MgNNUlYgE9MB8GA1UdIwQYMBaAFENl0XnVtz6Kl+3gUF8p7wDC1j75 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTU1NS9EQzdEMTQ1QTAy MkQxMUVEOUQ2NDZCNTdDNEY5QUUwMi9RMlhSZWRXM1BvcVg3ZUJRWHludkFNTFdQ dmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1EyWFJlZFczUG9xWDdlQlFYeW52QU1MV1B2ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz OTU1NS9EQzdEMTQ1QTAyMkQxMUVEOUQ2NDZCNTdDNEY5QUUwMi9RMlhSZWRXM1Bv cVg3ZUJRWHludkFNTFdQdmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCLHTr4GAo5q+Sd4EMrF/apjGakHH+ybVjdz0XY/Ro+horNIrSDhjlg 5rkfK3qGzVjdP1kim+ekGj1kQxm41X7DtUCaOjasri/3hyNwdeOFnQTZxcSrS0T8 G42Vh7YB/y7wSY0RFPJ1jK++PM7ARDvqJcSxpis0nqnwiKc4Ghc+1ucSvQsuzDTM dedmJjj98DUNJ6Qelj8RrrxbJeNj3L6nOztgAfuPv8l1fosNGOQEv3hktbQaos8r 5eDSm6CHgnthb6DEyBbCcE6NeA/PBsaMPyBDdQxS2cVIA3oMxDDGMq9hfXa7LlDV Qs7mcel+23AGj0E0k20XCY7rhbbOBtMi -----END CERTIFICATE-----Generated at Sun Aug 24 03:10:51 2025 by rpki-client